Web Builder Zone
Did you know? DZone has great portals for Python, Cloud, NoSQL, and HTML5!

My name is Svetoslav Marinov, which has short forms such as Slavi and Svetlio. I am originally from Bulgaria, Europe. Currently, I live in Ontario, Canada and I am working as a Web Developer. With my blog I want to share my knowledge and exchange ideas. www.devcha.com www.slavi.biz Svetoslav is a DZone MVB and is not an employee of DZone and has posted 12 posts at DZone. You can read more from them at their website. View Full User Profile

Convert non-ssl to ssl links automatically and dynamically using Zend

12.07.2011
Email
Views: 1372
  • submit to reddit

We Recommend These Resources

Hello dear readers,

Zend Framework is awesome and you probably know that already that's why you're using it. :)

Have you ever needed to replace the non-ssl links automatically with their SSL equivalent ?

Here is one way to achieve it using a front controller plugin.
The code of the plugin is below however it will need some tweaks on your part.

Replace YOURPREFIX with something like: EXT which will correspond to external classes you add to your Zend Framework installation.
The SecureLinks.php file should be saved in library\YOURPREFIX\Controller\Plugin\SecureLinks.php

Please also make sure you update $redir_script variable to point to your redirect script (code also included below).

In order for this to work is has to be registered with the front controller as follows.

$frontController = Zend_Controller_Front::getInstance();
// .... other cool stuff
$frontController->registerPlugin(new YOURPREFIX_Controller_Plugin_SecureLinks());

SecureLinks.php

<?php

/**
 * Corrects the non-ssl links to ssl ones for your sites.
 *
 * @uses Zend_Controller_Plugin_Abstract
 */
class YOURPREFIX_Controller_Plugin_SecureLinks extends Zend_Controller_Plugin_Abstract {
    /**
     * Updates the output buffer
     * @return void
     */
    public function dispatchLoopShutdown() {
        $ssl = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
        $redir_script = 'https://secure.yoursite.com/redirect.php?url=';
        
        // do nothing if not SSL
        if (empty($ssl)) {
            return ;
        }

        $response_obj = $this->getResponse();
        $buffer = $response_obj->getBody();

        // We'll proxy the links
        $regex = '#(<(?:a|othertag)[^<>]*(?:src|href)=[\'"])((?:http://(?:[\w-]+\.)?(YOUR-SITE|YOUR-SECOND-SITE)\.\w+)[^\'"]*)#si'; // no extension/TLD

        // if we have images
        if (1) {
            $view = Zend_Registry::get("view");

            // replaces ajax.googleapis, google.com, googlecode.com/
            $buffer = preg_replace('#http://(([\w-]+\.)?google(?:code|apis)?\.\w+[^\'"]*)#si', 'https://\\1', $buffer);

            $buffer = preg_replace($regex, '\\1' . $redir_script . '\\2', $buffer);

            $response_obj->setBody($buffer);
        }
    }
}
?>

redirect.php

<?php

// usage: save it as redirect.php
// make links pointing to it as redirect.php?url=http://yahoo.com
$url = empty($_GET['url']) ? '' : $_GET['url'];

if (!empty($url)) {
    header('Location: ' . $url);
    exit;
}

?>

 

Source: http://www.devcha.com/2011/12/zend-framework-how-to-convert-non-ssl.html

 

Tags:
Published at DZone with permission of Svetoslav Marinov, author and DZone MVB.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)

Controlling complexity is the essence of computer programming.
— Brian Kernigan